Mobile commerce authentication and authorization system

ABSTRACT

The mobile commerce authentication and authorization system disclosed, illustrated, and claimed allows a user of a currently existing mobile wireless communications instrument to conduct financial transactions, including purchases, across a wireless communications system using location data to authorize and authenticate the user and the transaction. The location of the mobile wireless communications instrument and the location of a vendor point-of-sale device are matched with a payment sum. Authentication of the user of the mobile wireless communications instrument is achieved at least by application of the position and/or location determinable features of the mobile wireless communications instrument, the position and/or location of a point-of-sale device of a vendor or merchant where the instrument user seeks to purchase goods or services, and the payment sum entered on the point-of-sale device. A transaction matching subsystem located in a wireless customer server hub may assist in processing the location data and the payment sum amount across the wireless communications network.

CROSS-REFERENCE TO RELATED APPLICATION

As provided in 35 U.S.C. §119, this application claims priority toProvisional Application No. 60/023,316 entitled MOBILE COMMERCEAUTHENTICATION AND AUTHORIZATION SYSTEM filed on Jan. 24, 2008 andassigned to the assignee of this application, the contents of which areincorporated by reference into this document.

BACKGROUND

1. Field

The apparatus, system, and method described, illustrated, and claimed inthis document relate generally to a mobile commerce authentication andauthorization system. The system enables a user of an unmodified mobilewireless communications instrument (including, but not limited to, amobile wireless cellular telephone) to conclude authenticated andauthorized purchases, and other commercial transactions, across awireless communications system. The system also automatically initiatesa payment application as a consumer enters a business so that when theconsumer is ready to depart the business and to pay for purchases ofgoods and/or services, the unmodified mobile wireless communicationsinstrument is prepared to conclude the transaction by effecting payment.

The mobile wireless communications instrument is capable of allowing aconsumer to anonymously effect payments across a credit network bycharging a payment to one or more payment instruments of the user, or toconduct and conclude such commercial transactions using any paymentsystem desired by a consumer and acceptable to a vendor or merchant.Anonymity is achieved by use of the location parameters forauthentication and the relationship between the location parameters anda payment sum, thus obviating the need for conventional identificationfeatures such as a personal identification number, possession of apayment instrument, provision of a biometric identifier, or anycomparable device or procedure.

2. Background

Merchants, vendors, credit card associations including VISA andMasterCard® that act as gateways between a financial institution and anissuer for authorizing and funding purchases, and users of mobilewireless communications instruments, all desire to conduct and closepurchases and sales quickly and expeditiously. At least one concern issecurity, including acceptable and proper authorization andauthentication that gives a vendor and a customer confidence that afraudulent transaction will not occur.

Current constructs for effecting consumer purchases across a creditnetwork generally are limited to use of a payment instrument inconnection with purchase. Currently, a consumer must have in possessiona plastic payment instrument such as a credit card or debit card havinga magnetic strip. Alternatively, “contactless” payment instruments maybe used. At the point-of-sale a credit card reader, terminal, or similarpoint-of-sale payment device is provided that requires the consumer tosuccessfully swipe a payment instrument through the point-of-saledevice. Over time, repetitive use degrades the magnetic strip on thepayment instrument, and the data embedded in the magnetic strip maybecome unreadable by a point-of-sale device for a variety of reasons.Degradation of the magnetic strip may cause payment rejection althoughthe consumer may be the authentic owner of the payment instrument. Evenin the case of contactless payment instruments, authentication orverification of the customer is limited to data and information embeddedin the payment instrument. Whoever possesses the payment instrument cancause purchases. The use of personal identification numbers solvesneither the problems of customer identification nor customerauthorization. Even customer authentication fails to overcome problemsresulting from lost or stolen payment instruments, degraded instruments,or loss of functionality between the payment instrument andpoint-of-sale payment devices.

There is a worldwide need, therefore, for a secure point-of-sale paymentsystem that substantially automatically authenticates a customer andsubstantially automatically initiates a payment for sales and purchasesof goods and services on entry of a consumer or customer into a businessor into a geographic area surrounding a business that includes use of aportable, or mobile, wireless communication instrument now commonly inpossession of consumers worldwide. At least one example of such aportable, or mobile, wireless communications instrument is a cellulartelephone, but any wireless communications instrument to which acomputer and/or data processing system may be operatively connected maybe used.

Most proposed mobile commerce solutions for conducting purchases using amobile wireless communications instrument such as a cellular telephonerequire the cellular telephone to be altered either structurally orsystemically by adding hardware, software, and/or combinations ofhardware and software. For example, although Near Field Communication(“NFC”) offers solutions in this field, the mobile wirelesscommunications instrument must be adapted to communicate with anNFC-adapted device. The only advantage of being integrated with acellular telephone is that the user is, these days, likely to have acellular telephone in possession of the user and/or customer. However,the need for major alterations of the mobile wireless communicationsinstrument, and the infrastructure equipment to support the NFC-operabledevice, substantially reduce the likelihood of universality of use.

In addition, problems arise because consumers may lack intimatefamiliarity with all operational requirements for using a cellulartelephone or other instrument to select menu entries, identify creditcard information, enter vendor and/or merchant names, and so on. Theseproblems may present issues analogous to a consumer calling a merchantand receiving a seemingly endless array of voice-activated optionsbefore the consumer may achieve what the consumer desires.

The mobile commerce authentication and authorization system of thisdocument, however, advances the art and provides the technicaladvantages of not requiring a consumer or user to possess a paymentinstrument at the time of a transaction; or to know or recallinformation such as a password, a personal identification number, orpersonal details often forgotten; or to be someone identified by suchcharacteristics as biometric fingerprints, appearance, or similarpersonal details.

Rather, the present system achieves authentication and authorization,and consequent trustworthiness, using at least two physical and/orlocation determinables, parameters that are combined to eliminateconcern about further authentication and authorization. The two physicaland location determinables include (a) one or more location parameters,namely the location of the mobile wireless communication instrument thatmay be determined at least using position-determinable data and systems,(b) the location of a point-to-sale device of a vendor and/or merchant,which in combination support the presumption that likelihood that thesame payment sum requested for payment by the user of the mobilewireless communication instrument will not occur substantiallysimultaneously at any other point-of-sale device in a location at thattime.

In addition, the apparatus, system, and methods disclosed, illustrated,and claimed in this document obviate paper receipts, and offer theprospect of substantially instant payment transactions across a creditnetwork.

SUMMARY

The apparatus, system, and method disclosed in this document achieve theabove-stated capabilities by including a mobile wireless communicationsinstrument. A computer, or data processor, is operatively connected tothe mobile wireless communications instrument. In one aspect, the dataprocessor includes a plurality of user programmable sets of instructionexecutable by the data processor for selectively and securely conductingfinancial transactions using the mobile wireless communicationsinstrument. The mobile commerce authentication and authorization systemdisclosed, illustrated, and claimed in this document is capable ofallowing the user of a currently existing mobile wireless communicationsinstrument to authenticate the user, and to have a purchase authorized,without structurally altering or systemically altering the instrument.Authentication is achieved at least by application of position and/orlocation determinable features of a mobile wireless communicationsinstrument, the position and/or location of a point-of-sale device of avendor or merchant where the instrument user seeks to purchase goods orservices, and a payment sum entered on the point-of-sale device. One ormore servers and other data processing components, in combination withcommunications transmission technologies, located in a wireless serverhub (in this document, a “transaction matching subsystem”), assist inreceiving, storing, processing, and/or transmitting the locationparameters and a payment sum amount across the wireless communicationsnetwork.

The mobile commerce authentication and authorization system disclosed,illustrated and claimed in this document is capable of both automaticand automated operability. For example, a user and/or consumer may enterinto a mobile wireless communications instrument an instruction that iscoordinated with SPS (as defined in this document) data that on entryinto a specific store, or on entry into a peripheral area around thestore, the mobile commerce authentication and authorization systemautomatically is activated for use by the consumer. While makingselections of merchandise within the store, the mobile wirelesscommunications instrument may inventory and total the merchandiseselected by the consumer. Alternatively, after making selections ofmerchandise within the store, an agent of the store may confirm thepayment sum due for the merchandise selected. In another aspect, aftermaking selection of merchandise within the store, a point-of-sale deviceof the store may automatically confirm the payment sum due for themerchandise selected.

The consumer, who may be unknown to the agent of the store, isauthenticated by location of the mobile wireless communicationsinstrument. The payment sum entered into the point-of-sale device isauthorized by location of the point-of-sale device and the store, aswell as by the unique payment sum entered into the point-of-sale device.On approval of payment by the consumer, the transaction is concluded andclosed.

Alternatively, in another aspect of the mobile commerce authenticationand authorization system, the consumer may manually initiate the mobilecommerce authentication and authorization system to implement the stepsand results disclosed above. As a person skilled in the art willrecognize, manual initiation of the mobile commerce authentication andauthorization system may be accomplished by voice, by one or moredepressions of keys, or by a wide variety of alternative means.

Another aspect of the mobile commerce authentication and authorizationsystem of this document is the capability of expanding the system toinclude additional levels of authentication and/or authorization. Eithera consumer, merchant, credit network, card association, and/orinterchange, all as defined in this document, may desire additionallevels of assurance and/or trust to effect a transaction. As onenon-exclusive example, if a consumer is outside the customary geographicarea in which the consumer lives and shops, the consumer may be requiredto provide one or more additional means of authentication such as apersonal identification number.

In yet another aspect of the mobile commerce authentication andauthorization system, the system is fully compatible with, and capableof being used over, one or more cooperative message-forwarding systemslinking computer networks around the world, such as the Internet(collectively in this document, “Internet”). Again, no structural orsystemic changes are necessary in the mobile wireless communicationssystem to authenticate and authorize a sale and/or purchase over theInternet. A consumer, however, may want to impose location parameters oflimitation on such authentication and authorization. For example, aconsumer may want to limit sales and purchases if conducted from theconsumer's home, whose location can readily be established by SPSlocation systems and data. Security is thus enhanced if the mobilewireless communications system is stolen: a person who finds or steals acellular telephone, for example, is unlikely to attempt to conduct asale and purchase transaction from the user's home.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic block diagram illustrating the point-of-saledevice employing a mobile wireless communications instrument;

FIG. 2 is a schematic block diagram illustrating a version of the dataprocessing system of the computer associated with the wirelesscommunications instrument;

FIG. 3 is a block and diagrammatic illustration of an application of themobile commerce authentication and authorization system;

FIG. 4 is a flow chart illustrating one aspect of the mobile commerceauthentication and authorization system; and

FIG. 5 is a flow chart illustrating another aspect of the mobilecommerce authentication and authorization system.

DETAILED DESCRIPTION Definitions

As used in this document, the term “unmodified” means a mobile wirelesscommunications instrument not altered structurally or mechanically orsystemically. Instead, the mobile commerce authentication andauthorization system provides the conditions of trust and reliabilitydesired to enable merchants, vendors, credit card associations such asVISA® and MasterCard®, issuers, and financial institutions to approvepayment and to conclude and/or close financial transactions such as, butnot limited to, purchase and sale transactions. In addition, theapparatus, system, and method described, illustrated, and claimed inthis document do not require or rely on the existence or use of suchconventional payment entities. Instead, the mobile commerceauthentication and authorization system can conclude payments using anyfinancial and/or payment system.

The terms “mobile wireless communications instrument” and “portablewireless communications instrument” as used in this document mean atleast a wireless communication instrument used in a wirelesscommunications system that, in general, includes an array of operativelyconnected communication devices adapted to receive and transmit at leastelectromagnetic signals across the system without cables using infraredlight and radio signals, and also includes a telecommunications systemin which electromagnetic waves, rather than some form of wire, carry thesignal over all or part of the communication path. The mobile wirelesscommunications instrument may also receive and transmit signalsincluding, location parameters, from satellites, including satellitesthat are part of the Global Positioning System (GPS), Galileo, GLONASS,NAVSTAR, GNSS, a system that uses satellites from a combination of thesesystems, or any satellite positioning system subsequently developed(collectively referred to generally in this document as a SatellitePositioning System (“SPS”). As used in this document, an SPS alsoincludes pseudolite (pseudo-satellite) systems. As a person skilled inthe art will appreciate, however, the technology of all SPS systems isconstantly being improved. New as yet unknown technologies for locationdetermination and for determining location parameters of use with themobile commerce authentication and authorization system of this documentmay be developed, may be used in connection with the mobile commerceauthentication and authorization system of this document, and areincluded in the meaning of “SPS” as used in this document.

The term “instrument” in combination with the words “mobile wirelesscommunications,” means and includes at least a cellular telephone. apager, a satellite telephone, a two-way pager, a personal digitalassistant (“PDA”) having wireless capabilities, a portable computerhaving wireless capabilities, wireless local area networks, and anyother type of wireless device having transmission capabilities that mayalso be one or more versions of a personal communications servicesdevice (“PCS”) including time division multiple access (“TDMA”), a codedivision multiple access (“CDMA”), a global system for mobile (“GSM”),non-voice communications apparatus, and text transmission apparatus,among others. The term “instrument” is also intended to include deviceswhich communicate with a personal navigation device (“PND”), such as byshort-range wireless, infrared, wireless connection, or otherconnection, regardless of whether satellite signal reception, assistancedata reception, and/or position-related processing occurs at the deviceor at the PND. Also, “instrument” is intended to include all devices,including wireless communication devices, computers, laptops, etc. whichare capable of communication with a server, such as via the Internet,WiFi, or other network, and regardless of whether satellite signalreception, assistance data reception, and/or position-related processingoccurs at the device, at a server, or at another device associated withthe network. Any operable combination of the above are also considered a“mobile station.”

The term “location” and “position” and “location-determinable” mean thephysical and geographic location of a mobile wireless communicationsinstrument and a vendor's point-of-sale device determined by anytechnique, technology, or system, or any combination of techniques,technologies, or systems, known or as yet unknown, for determininglocation parameters. Currently, such techniques and apparatus used forvarious wireless communication networks such as an SPS system incombination with a wireless wide area network (WWAN), a wireless localarea network (WLAN), a wireless personal area network (WPAN), and so on.The term “network” and “system” are often used interchangeably. A WWANmay be a Code Division Multiple Access (CDMA) network, a Time DivisionMultiple Access (TDMA) network, a Frequency Division Multiple Access(FDMA) network, an Orthogonal Frequency Division Multiple Access (OFDMA)network, a Single-Carrier Frequency Division Multiple Access (SC-FDMA)network, and so on. A CDMA network may implement one or more radioaccess technologies (RATs) such as cdma2000, Wideband-CDMA (W-CDMA), andso on. Cdma2000 includes IS-95, IS-2000, and IS-856 standards. A TDMAnetwork may implement Global System for Mobile Communications (GSM),Digital Advanced Mobile Phone System (D-AMPS), or some other RAT. GSMand W-CDMA are described in documents from a consortium named “3rdGeneration Partnership Project” (3GPP). Cdma2000 is described indocuments from a consortium named “3rd Generation Partnership Project 2”(3GPP2). 3GPP and 3GPP2 documents are publicly available. A WLAN may bean IEEE 802.11x network, and a WPAN may be a Bluetooth network, an IEEE802.15x, or some other type of network. The techniques may also be usedfor any combination of WWAN, WLAN and/or WPAN. As a person skilled inthe art will appreciate, other emerging technologies and networks arecontemplated, including the Universal Mobile Telecommunications System(UMTS), also sometimes referred to as 3GSM technology, which is athird-generation (3G) technology already being developed as afourth-generation (4G).

The term “match” means to compare at least location parameters with thegoal of uniting the location parameters into an acceptable associationof data to warrant both authentication and authorization sufficient toenable mobile commerce financial transactions, including payments.

The term “transaction parameters” includes at least location informationand one or more payment sums in connection with a financial transaction.

The term “point-of-sale device” means at least a terminal or otherdevice that may function like a cash register or similar device forrecording sales. It may include peer-to-peer near field communicationsdevices, ISO 14443-compliant contactless card, and ISO 18092-compliantFeliCa card among others. Thus, a point-of-sale device includes not onlycredit card and debit card readers that may include touch screens, andconventional cash registers, but also automatic and automated tellermachines (“ATM's”), among others. The location of the point-of-saledevice may be determined by any means of determining location parametersdiscussed in this document.

The term “credit network” means a national and/or worldwide system inwhich financial institutions, merchants, and public users areconnectable. Credit networks were designed for use primarily withpayment instruments. Payment instruments allow public users, orcustomers, to use, for example, a credit or debit card to purchase goodsor services in substantially real time following authentication of thecustomer, authorization, and approval of the transaction by a financialinstitution. A user, or customer (in this document, either “user” or“customer”), is issued a payment instrument such as a credit or debitcard after an account has been approved by the credit provider, often afinancial institution such as a bank, with which the user is able tomake purchases from merchants who accept the credit, up to apre-established limit. In addition, a “card association” often isincluded in the credit network, and includes among others VISA® andMasterCard® which act as gateways between a financial institution andissuer for authorizing and funding transactions, the issuer being afinancial institution or other organization that issued the credit/debitcard to the cardholder.

The flow of information and money among the various parties across acredit network, almost always through card associations, is known as the“interchange.” The interchange includes a number of steps. The firststep is authorization, in which the cardholder pays for a purchase, andthe merchant submits the transaction to a financial institution thatverifies, almost instantly, that the card number and transaction amountboth are valid, and then processes the transaction for the cardholdersAnother step includes “batching,” which is the step by which atransaction is authorized and then stored in a batch which the merchantsends to the financial institution for later payment. Another stepincludes clearing and settlement, which is when the financialinstitution sends the transactions in a batch through the cardassociation which debits the issuers for payment and credits thefinancial institution. Finally, there is the step of funding. Once thefinancial institution has been paid, the merchant receives payment.

The term “payment instrument” means at least a credit card, a debitcard, a contactless card, debit lines, debit coupons, and cashequivalents.

The term “financial transaction” means at least the use of financialdata and financial information related to an exchange or transfer ofgoods, services or funds, generally based on contract, agreement,bargain and similar transactions.

The term “authentication” means to confirm, prove, and/or serve to provethat a person is who the person asserts the person is. The term“authorization” means legal and/or custom that empowers a person to actor omit to act. Authentication and authorization are achieved withoutaltering existing mobile wireless communications instruments by insteadrelying on data concerning the position or location of (i) the mobilewireless communications instrument, and (ii) a vendor point-of-saledevice (collectively, the “location parameters,” individually a“location parameter”), and by (iii) establishing a relationship betweenthe location parameters and a payment sum entered into the point-of-saledevice by either the user of the mobile wireless communicationsinstrument, or a person entering data into a point-of-sales device, orother means.

The term “approved” includes authenticated and authorized transactions.

The term “wireless communications network” means a wirelesscommunications system adapted to communicate with one or more mobilewireless communications instruments, including not only the QUALCOMM®QSHOP™ system, but also any communications system capable of associatinggeographical location data with a mobile wireless communicationsinstrument, a point-of-sale device in a merchant's store, and oftransmitting between such geographic locations payment sums pertainingto a commercial transaction involving the sale and purchase of goodand/or services, using SPS position-determination technology.

The term “payment sum” means not only the amount of a purchase sum oramount, in any vendor-acceptable currency, that the user desires to payfor the products or services of the vendor, but also any and all paymentinstructions in connection with the payment sum made as a result of apayment application.

The term “transaction matching subsystem” means a back-office subsystemof a wireless communications network including, but not limited to, theQUALCOMM Mobile Commerce Platform that includes QFLOW™.

The term “user” means a person or persons authorized to use the mobilewireless communications instrument and to access either a credit networkto conduct and conclude payments in connection with one or more paymentinstruments, or one or more databases for storing, receiving andtransmitting financial data.

The word “exemplary” is used herein to mean “serving as an example,instance, or illustration.” Any aspect described in this document as“exemplary” is not necessarily to be construed as preferred oradvantageous over other aspects.

Description

The apparatus, system, and methods described, illustrated, and claimedin this document relate generally to a mobile commerce authenticationand authorization system. The system enables a user of an unmodifiedmobile wireless communications instrument, including, but not limitedto, a mobile wireless cellular telephone, to conclude authenticated andauthorized purchases, and other commercial transactions, across awireless communications system.

As used in this document, the term “unmodified” means that the mobilewireless communications instrument need not be altered structurally ormechanically, or enhanced systemically, to create the conditions oftrust and reliability desired to enable merchants, vendors, credit cardassociations such as VISA® and MasterCard®, issuers, and financialinstitutions to approve and conclude such transactions.

Authentication and authorization are achieved without altering existingmobile wireless communications instruments by, in one aspect,determining the location of (i) the mobile wireless communicationsinstrument, (ii) the location of a vendor point-of-sale device, and(iii) establishing a relationship between the location parameters and apayment sum entered into the point-of-sale device either by the user ofthe mobile wireless communications instrument, or a person entering datainto a point-of-sale device, or other means.

The mobile wireless communications instrument is capable of allowing aconsumer to effect payments across a credit network anonymously bycharging a payment to one or more payment instruments of the user, or bysatisfying the requirements of any other payment system. The mobilewireless communications instrument is capable of allowing a consumer toanonymously effect payments across a credit network by charging apayment to one or more payment instruments of the user, or to conductand conclude such commercial transactions using any payment systemdesired by a consumer and acceptable to a vendor or merchant. Anonymityis achieved by use of the location parameters for authentication and therelationship between the location parameters and a payment sum, thusobviating the need for conventional identification features such as apersonal identification number, possession of a payment instrument,provision of a biometric identifier, or any comparable device orprocedure. However, as a person skilled in the art will appreciate, themobile commerce authentication and authorization system is fully capableof incorporating the use of such conventional identification features,and others not yet developed. Thus, for example, a user may be requiredby a vendor policy or carrier policy to enter a personal identificationnumber (“PIN”) using the mobile wireless communications instrument tofurther enhance the reliability of the authentication and authorizationdata provide by the mobile commerce authentication and authorizationsystem of this document. Alternatively, the user may be required toenter additional information only for purchases exceeding a certainamount or other limitations. The mobile commerce authentication andauthorization system is adaptable to include and process such additionalrequirements.

In another aspect of the mobile commerce authentication andauthorization system, anonymity may be achieved by authenticating thelocation of the mobile wireless communications instrument, the locationof the point-of-sale device, and establishing a relationship betweenthose location parameters and a payment sum. Accordingly, neither use ofa personal identification number, nor possession of a paymentinstrument, nor provision of a biometric identifier, nor any comparabledevice or procedure is required, although those means of identificationmay be advantageously used in connection with the mobile commerceauthentication and authorization system of this document.

As indicated, in another aspect of the mobile commerce authenticationand authorization system, the mobile commerce authentication andauthorization system is capable of allowing a user of an unmodifiedmobile wireless communications instrument to conduct commercialtransactions requiring a payment in exchange for purchase of goods orservices by using any payment system desired by a user and acceptable toa vendor.

In yet another aspect, a transaction matching subsystem located in awireless customer server hub may assist in processing the location dataand the payment sum amount across the wireless communications network.

More specifically, in at least one aspect of the apparatus, system, andmethod disclosed, illustrated and claimed in this document, a mobilecommerce authentication and authorization system 10 is provided thatincludes a portable, or mobile, wireless communications instrument 12,as illustrated schematically and diagrammatically in FIG. 1. The mobilewireless communications instrument 12 is selected from the group ofmobile wireless communications instruments consisting of cellulartelephones, communication apparatus providing personal communicationsservices (PCS) including time division multiple access (TDMA), codedivision multiple access (CDMA), and global system for mobile (GSM),non-voice communication apparatus, text transmission apparatus,satellite telephones, two-way pagers, personal digital assistants,portable wireless computers, a wireless instrument specifically designedto implement financial data transactions, among others.

As also illustrated by cross-reference between FIGS. 1-2, the mobilecommerce authentication and authorization system 10 also includes acomputer and/or data processor 100. As shown, the data processing system100 is operatively connected to the mobile wireless communicationsinstrument 12. In one aspect, the data processing system 100 is housedin the wireless communications instrument 12. The data processing system100 is adapted to transmit and receive programmable instructions inconnection with one more payment instruments 14. In operation, any andall data electronically or otherwise embedded in and on the one or morepayment instruments 14, as shown in FIG. 1, as well as any other dataassociated with a user and/or customer (collectively, in this document,“user”), a financial institution, and/or a card association, may bestored in the data processing system 100 of the mobile wirelesscommunications instrument 12 for use as further described in thisdocument.

The data processing system 100 of the mobile communications instrument12 includes a number of optional features as illustrated in anon-exclusive example in the block diagram in FIG. 2. As shown, the dataprocessing system 100 may include a variety of components to enable themobile communications instrument 12 to send and receive data andinformation at least to one or more point-of-sale devices 16 a-c, aswell as across a mobile wireless communications system 18 as illustratedin FIG. 3. As shown, the data processing system 100 includes a computerprocessor 102, memory 104, the computer processor 102 and memory 104connected by a bus 106. Memory 104 is a relatively high speed machinereadable medium and may includes volatile memories such as DRAM, andSRAM, as well as non-volatile memories such as ROM, FLASH, EPROM,EEPROM, and bubble memory.

Also connectable to the bus 106 are optional secondary storage 108,external storage 110, output devices such as a first monitor 112 a thatmay be mounted on the mobile wireless communications system 12, and inoptional configurations an input device such as a keyboard 114 with amouse 116, and perhaps even a printer 118. Secondary storage 108 mayinclude machine-readable media such as a hard disk drive, a magneticdrum, and a bubble memory. External storage 110 may includemachine-readable media such as a floppy disk, a removable hard drive, amagnetic tape, C-ROM, and even other computers, possibly connected via acommunications line 120. The distinction between secondary storage 108and external storage 110 is primarily for convenience in describing theinvention. As such, a person skilled in the art will appreciate thatthere is substantial functional overlap between and among thecomponents. Computer software and user programs can be stored in asoftware storage medium such as memory 104, secondary storage 108, andexternal storage 110. Executable versions of computer software can beread from a storage medium such as non-volatile memory, loaded forexecution directly into volatile memory, executed directly out ofnon-volatile memory, or stored on the secondary storage 108 prior toloading into volatile memory for execution.

In addition, those skilled in the art also will appreciate that thevarious illustrative logical blocks, modules, circuits, and algorithmsteps described in connection with the aspects of the inventiondisclosed in this document may be implemented as electronic hardware,computer software, or combination of both. To clearly illustrate thisinterchangeability of hardware and software, various illustrative andnon-exclusive components, blocks, modules, circuits, and steps have beendescribed in this document generally in terms of their functionality.Whether such functionality is implemented as hardware or softwaredepends on the particular application and design constraints imposed onan overall system. Skilled artisans may implement the describedfunctionality in varying ways for each particular application, but suchimplementation decisions should not be interpreted as causing adeparture from the scope of the present invention.

The various illustrative logical blocks, modules, and circuits describedin connection with the aspects disclosed in this document may beimplemented or performed with a general purpose processor, a DigitalSignal Processor (DSP), an Application Specific Integrated Circuit(ASIC), a Field Programmable Gate Array (FPGA) or other programmablelogic device, discrete gate or transistor logic, discrete hardwarecomponents, or any combination thereof designed to perform the functionsdescribed herein. A general-purpose processor may be a microprocessor,but in the alternative, the processor may be any conventional processor,controller, microcontroller, or state machine. A processor may also beimplemented as a combination of computing devices such as, in anon-exclusive example, a combination of a DSP and a microprocessor, aplurality of microprocessors, one or more microprocessors in conjunctionwith a DSP core, or any other such configuration.

In another aspect of the mobile commerce authentication andauthorization system 10 of this document, compatible near fieldcommunication instruments and devices may be used. As illustrated bycross-reference between FIGS. 1-3, the data processing system 100 of thewireless communications instrument 12 is capable of communicating dataand information, including a purchase sum or amount, to the one or morepoint-of-sale devices 16 a-c using, for example, a transaction matchingsubsystem 20, as shown in FIG. 3, or similar technology that responds tothe location parameters.

The method and apparatus described in this document may be used inconnection with various satellite positioning systems (“SPS”), such asthe United States Global Positioning System (“GPS”), the Russian Glonasssystem, the European Galileo system, any system that uses satellitesfrom a combination of satellite systems, or any satellite systemdeveloped in the future. Furthermore, the disclosed method and apparatusmay be used with positioning determination systems that utilizepseudolites or a combination of satellites and pseudolites. Pseudolitesare ground-based transmitters that broadcast a PN code or other rangingcode (similar to a GPS or CDMA cellular signal) modulated on an L-band(or other frequency) carrier signal, which may be synchronized with GPStime. Each such transmitter may be assigned a unique PN code so as topermit identification by a remote receiver. Pseudolites are useful insituations where GPS signals from an orbiting satellite might beunavailable, such as in tunnels, mines, buildings, urban canyons orother enclosed areas. Another implementation of pseudolites is known asradio-beacons. The term “satellite”, as used herein, is intended toinclude pseudolites, equivalents of pseudolites, and possibly others.The term “SPS signals”, as used herein, is intended to include SPS-likesignals from pseudolites or equivalents of pseudolites. As a person ofskill in the art will appreciate, ground-based, or terrestrial, systemsmay also be used. Other means for discovering the location of theterminals such as triangulation, Time Delay of Arrival, and Assisted GPSmay also be used. As an aid in describing the contributions to the artprovided by the mobile commerce authentication and authorization system10, an SPS system 22 is identified diagrammatically in FIG. 3, alongwith a terrestrial system 24.

As also illustrated in FIG. 3, the one or more point-of-sale devices 16a-c are shown mounted on cashier check-out counters 26 a-c. The one ormore point-of-sale devices 16 a-c are operatively connectable, ondemand, to the portable wireless communications instrument 12 a,b. Thepoint-of-sale devices 16 a-c are adapted to receive and process paymentdata. The payment data may be received, stored, processed, executed andtransmitted across the mobile wireless communications system 18. Themobile wireless communications system 18 may include use of the Internetfor communicating across a mobile wireless communications cloud 28 asdefined in this document. Accordingly, the point-of-sale devices 16 a-care adapted to receive and process payment data across a credit networkthat is included in the mobile wireless communications system 18 towhich the point-of-sale devices 16 a-c are poperatively connectable. Thelocation of the point-of-sale devices may be determined for purposes ofthe mobile commerce authentication and authorization system 10 by use ofa location determination system such as SPS system 22. In anotheraspect, location of the point-of-sale devices may be determined byreference to the location of the store or other vendor in which thepoint-of-sale devices are located, including survey coordinates.

In operation, therefore, as illustrated in FIG. 4, the mobile commerceauthentication and authorization system 10 is summarized by a flowchart400. At block 402 a mobile wireless communications instrument has beenidentified and selected for use by a user. In one aspect of the mobilecommerce authentication and authorization system 10, the mobile wirelesscommunications instrument is a cellular telephone of the kind nowcommonly in use worldwide. The cellular telephone is presumed to beequipped with the capability to communicate across the mobile wirelesscommunications system 18, and to include SPS capabilities among itsfeatures. Neither the user, developer, nor manufacturer of the cellulartelephone must modify such a cellular telephone to achieve the technicaladvantages of the mobile commerce authentication and authorizationsystem 10 described in this document.

As also illustrated in FIG. 4, at block 404 the user may enter at anytime data and information identifying a vendor, particularly a vendorwith which the user has or intends to conduct more than one financialtransaction such as sales and purchases. Such information identifying avendor may include, as indicated by block 406, the name of a vendor. Thename of the vendor may be specific, for example, a specific vendor at aspecific location. The name of the vendor may also include the name forgeneral application, for example, a supermarket chain regardless of thegeographical location of the specific market. Alternatively, theinformation identifying a vendor may include geographical coordinates ofa specific vendor with or without regard to the name of the vendor. Inanother aspect, the information identifying a vendor may includegeographical coordinates of a geographical area in which the userconducts a number of financial transactions, for example, a shoppingcenter in which the user may purchase coffee, shop for groceries, andpurchase gasoline.

At block 408, when the predetermined geographical location data for avendor has been met or satisfied as the cellular telephone enters thelocation of the vendor, a payment application may automatically beinitiated. This achieves the advantage of expediting conclusion of apayment application by determining the cumulative payment sum for atransaction as the user proceeds toward a point-of-sale device toconclude the transaction. The automatic payment application feature ofthe mobile commerce authentication and authorization system 10 alsoachieves the additional advantage of contributing to authentication ofthe user and the consequent authorization of the transaction by thevendor. Alternatively, as also shown in block 408 the paymentapplication process may be manually initiated by the user. The manualpayment application feature of the mobile commerce authentication andauthorization system 10 achieves the additional advantage of using theauthentication and authorization steps to conduct a financialtransaction when a vendor has not been predetermined and entered intothe system. For example, a user may be traveling away from the user'scustomary area of commerce, and may want to conduct a financialtransaction using the mobile commerce authentication and authorizationsystem 10.

As indicated in FIG. 4 at block 410, the location data and the paymentsum are matched by the mobile commerce authentication and authorizationsystem 10. In one aspect, when a user is in the user's customary area ofcommerce, the predetermined location data of the vendor is compared withthe location data of the cellular telephone, and the payment sum.Accordingly, at block 412 the user may enter an authorization forpayment, or alternatively the system may request confirmation that theuser is prepared to conduct and conclude the transaction, which isconcluded at block 414. As a person skilled in the art will appreciate,the process enumerated in flowchart 400 may end or be repeated.

A further illustration of the mobile commerce authentication andauthorization system 10 is illustrated in FIG. 5 by flowchart 500. Theprocess illustrated in FIG. 5 is as follows. At block 502 location datagermane to the mobile commerce authentication and authorization system10 has been obtained from the various location determination sourcesidentified in this document. As indicated, the location data may beobtained from either an SPS system, including pseudo-satellite systems,or a terrestrial, or a combination of both. At block 504 the locationdata in connection with one or more wireless communication instrumentsand one or more vendors and one or more point-of-sale devices has beenreceived and processed by the transaction matching subsystem. At block506 the transaction matching subsystem has continued to monitor thelocation of the mobile wireless communications instrument as it movesfrom place to place. At block 508, the vendor may be a single vendor ata physical location, or may be any number of locations of a vendor byname. For example, the location of all stores bearing the name ABC maybe tracked by the transaction matching subsystem in block 504. At block510, at least one point-of-sale device either has been identified as tolocation, or has been presumed to be within the geographical location ofthe vendor in block 508. Accordingly, all of the location data forachieving authentication and authorization has been identified andassembled in order to effect the payment contemplated by the mobilecommerce authentication and authorization system 10. Therefore, thetransaction matching subsystem is prepared at block 512 to match thepayment request and provide authorization based on the location dataprovided by the transaction matching subsystem in connection with themobile commerce authentication and authorization system 10.

Those of skill in the art also would understand that information andsignals may be represented using any of a variety of differenttechnologies and techniques. For example, data, instructions, commands,information, signals, bits, symbols, and chips that may be referencedthroughout the above description may be represented by voltages,currents, electromagnetic waves, magnetic fields or particles, opticalfields or particles, or any combination thereof.

The previous description of the disclosed aspects is provided to enableany person skilled in the art to make or use the present invention.Various modifications to these embodiments will be readily apparent tothose skilled in the art, and the generic principles defined herein maybe applied to other embodiments without departing from the spirit orscope of the invention. Thus, the present invention is not intended tobe limited to the aspects shown in this document, but is to be accordedthe widest scope consistent with the principles and novel featuresdisclosed herein.

1. An apparatus for authenticating and authorizing a paymenttransaction, comprising: a transaction matching subsystem configured to:receive and process transaction parameters provided by a first mobilewireless communications instrument; receive and process transactionparameters provided by a first point-of-sale device; and send a messageto the first mobile wireless communications instrument and to the firstpoint-of-sale device confirming or not confirming a match of thetransaction parameters to authenticate and authorize the paymenttransaction.
 2. An apparatus for authenticating and authorizing apayment transaction as recited in claim 1, wherein the transactionparameters include at least location information and a transactionamount.
 3. An apparatus for authenticating and authorizing a paymenttransaction as recited in claim 1, wherein the second device is anear-field communication (NFC) point-of-sale device.
 4. An apparatus forauthenticating and authorizing a payment transaction as recited in claim1, wherein the location parameters includes the geographical location ofat least the first point-of-sale device.
 5. An apparatus forauthenticating and authorizing a payment transaction as recited in claim1, wherein the location parameters includes the geographical location ofat least the first mobile wireless communications instrument seconddevice.
 6. An apparatus for authenticating and authorizing a paymenttransaction as recited in claim 1, wherein the transaction matchingoccurs automatically.
 7. A mobile commerce authentication andauthorization system, comprising: a mobile wireless communicationsinstrument; a data processing system having logic operatively connectedto the mobile wireless communications instrument adapted to receive,store, process, execute and transmit at least a first set of locationdata and a payment sum across a wireless communications network; avendor point-of-sale device operatively connectable to the mobilewireless communications instrument adapted to receive, store, process,execute and transmit a second set of location data across the wirelesscommunications network, wherein the vendor point-of-sale device isfurther adapted to transmit, store and receive the payment sum dataacross the wireless communications network; and a transaction matchingsubsystem located in a wireless customer server hub adapted to processat least the first set of location data, the second set of locationdata, and to automatically initiate a payment sum across the wirelesscommunications network.
 8. A mobile commerce authentication andauthorization system as recited in claim 7, wherein the first set oflocation data includes the geographical location of the mobile wirelesscommunications instrument.
 9. A mobile commerce authentication andauthorization system as recited in claim 7, wherein the second set oflocation data includes the geographical location of at least onepoint-of-sale device.
 10. A mobile commerce authentication andauthorization system as recited in claim 7, wherein the second set oflocation data includes the geographical location of a geographical areain which one or more vendor locations is located.
 11. A mobile commerceauthentication and authorization system as recited in claim 7, whereinthe logic of the data processing system is programmable to include atleast the geographical location of vendors.
 12. A mobile commerceauthentication and authorization system as recited in claim 7, whereinthe logic of the data processing system is programmable to automaticallyinitiate a payment application as the user enters the geographical areain which one or more vendor locations is located.
 13. A mobile commerceauthentication and authorization system as recited in claim 7, whereinthe logic of the data processing system is programmable to automaticallyinitiate a payment application as the mobile wireless communicationsinstrument enters one or more vendor locations described by the name ofvendor.
 14. A mobile commerce authentication and authorization system asrecited in claim 7, wherein the logic of the data processing system isprogrammable to manually initiate a payment application.
 15. A mobilecommerce authentication and authorization system as recited in claim 7,wherein the logic of the data processing system is programmable to matchand compare at least the first set of location data, the second set oflocation data, and the payment sum data authorized.
 16. An apparatus forauthenticating and authorizing a financial transaction across a mobilewireless communications system, comprising: a mobile wirelesscommunications instrument adapted to receive, store, process, executeand transmit the location of the mobile wireless communicationsinstrument; at least one vendor point-of-sale device operativelyconnectable to the mobile wireless communications instrument adapted toprovide the location of the at least one vendor point-of-sale device;and an executable program operatively connected to the mobile wirelesscommunications instrument and to the at least one vendor point-of-saledevice for automatically initiating a payment application and forauthorizing and authenticating the financial transaction resulting froma matching of the location of the mobile wireless communicationsinstrument, the location of the at least one vendor, and the amount ofthe payment application.
 17. An apparatus for authenticating andauthorizing a financial transaction across a mobile wirelesscommunications system as recited in claim 16, wherein the executableprogram is capable of manual initiation of a payment applicationresulting from a matching of the location of the mobile wirelesscommunications instrument, the location of the at least one vendorpoint-of-sale device, and the amount of the payment application.
 18. Anapparatus for authenticating and authorizing a financial transactionacross a mobile wireless communications system as recited in claim 17,wherein the executable program is stored in a data processing system.19. An apparatus for authenticating and authorizing a financialtransaction across a mobile wireless communications system as recited inclaim 18, wherein the data processing system is located in the mobilewireless communications instrument.
 20. An apparatus for authenticatingand authorizing a financial transaction across a mobile wirelesscommunications system as recited in claim 19, wherein the dataprocessing system is located in a transaction matching subsystem locatedin a wireless customer server hub.
 21. An apparatus for authenticatingand authorizing a financial transaction across a mobile wirelesscommunications system as recited in claim 20, wherein the vendorpoint-of-sale device is further adapted to transmit, store and receive apayment application across the wireless communications network.
 22. Apayment system, comprising: means for authenticating a mobile wirelesscommunications instrument; means for authorizing a financial transactionusing a mobile wireless communications instrument; and means forinitiating a payment application from a point-of-sale device across themobile wireless communications system.
 23. A payment system as recitedin claim 22, wherein the means for authenticating is a point-of-saledevice.
 24. A payment system as recited in claim 22, wherein the meansfor authenticating further comprises a location determination system foridentifying the location of the point-of-sale device.
 25. A paymentsystem as recited in claim 22, wherein the means for authenticatingfurther comprises the amount of the payment application.
 26. A method ofauthenticating and authorizing a payment, comprising: selecting at leastone mobile wireless communications instrument; selecting at least onepoint-of-sale device; operatively connecting the at least one mobilewireless communications instrument and the at least one point-of-saledevice to a transaction matching subsystem, wherein the transactionmatching subsystem confirms the location of the at least one mobilewireless communications instrument and the location of the at least onepoint-of-sale device.
 27. A method of authenticating and authorizing apayment as recited in claim 26, further comprising: automaticallydetermining the location of the mobile wireless communicationsinstrument; and automatically determining the location of thepoint-of-sale device.
 28. A method of authenticating and authorizing apayment as recited in claim 26, further comprising automaticallydetermining the location of a geographical boundary associated with oneor more vendor locations.
 29. A method of authenticating and authorizinga payment as recited in claim 26, further comprising: automaticallyinitiating a payment application as the mobile wireless communicationsinstrument enters the geographical boundary around one or more vendorlocations; or automatically initiating a payment application as themobile wireless communications instrument enters one or more vendorlocations described by the name of vendor.
 30. A method ofauthenticating and authorizing a payment as recited in claim 26, furthercomprising manually initiating a payment application.
 31. A method ofauthenticating and authorizing a payment as recited in claim 26, furthercomprising matching the location data.
 32. A method of authenticatingand authorizing a financial transaction across mobile wirelesscommunications system, the method comprising: installing one or moredata processing systems in a mobile wireless communications instrument;connecting the mobile wireless communications instrument to apoint-of-sale device and to the mobile wireless communications system;determining the location of the mobile wireless communicationsinstrument; determining the location of the point-of-sale device;initiating a payment application; matching the location of the mobilewireless communications instrument and of the point-of-sale device withthe payment application; and approving the payment application.
 33. Amethod of authenticating and authorizing a financial transaction acrossmobile wireless communications system as recited in claim 32, furthercomprising connecting the mobile wireless communications instrument andthe point-of-sale device to a transaction matching subsystem to receive,process and transmit information.
 34. A method of authenticating andauthorizing a financial transaction across mobile wirelesscommunications system as recited in claim 33, wherein installing one ormore data processing systems in a mobile wireless communicationsinstrument includes installing the one or more data processing systemsin a cellular telephone.
 35. A method of authenticating and authorizinga financial transaction across mobile wireless communications system asrecited in claim 32, wherein determining the location of the mobilewireless communications instrument includes: equipping the mobilewireless communications instrument to be operatively connectable to atleast one SPS system; and using the at least one SPS system to providegeographical coordinates of the cellular telephone.
 36. A method ofauthenticating and authorizing a financial transaction across mobilewireless communications system as recited in claim 35, whereindetermining the location of the point-of-sale device includes one of:operatively connecting the point-of-sale device across the mobilewireless communications system to the at least one SPS system; using theat least one SPS system to provide geographical coordinates of thepoint-of-sale device; or using the at least one SPS system to providegeographical coordinates of a geographical area in which thepoint-of-sale device is located; using the at least one SPS system toprovide geographical coordinates of a vendor facility in which thepoint-of-sale device is located; or using the at least one SPS system toprovide the location of the point-of-sale device by relation to the nameof a vendor wherever located.
 37. A method of authenticating andauthorizing a financial transaction across mobile wirelesscommunications system as recited in claim 36, wherein initiating apayment application includes one of: entering into the one or more dataprocessing systems the identity of a plurality of vendors with which theuser intends to conduct financial transactions; entering into the one ormore data processing systems user-selected security information;automatically initiating a payment application when the mobile wirelesscommunications instrument enters a vendor facility; automaticallyinitiating a payment application when the mobile wireless communicationsinstrument enters the geographical area in which the point-of-saledevice is located; automatically initiating a payment application whenthe mobile wireless communications instrument is within a vendorfacility in which the point-of-sale device is located; automaticallyinitiating a payment application when the mobile wireless communicationsinstrument is within a vendor facility associated with the name of avendor.
 38. A method of authenticating and authorizing a financialtransaction across mobile wireless communications system as recited inclaim 37, wherein matching the location of the mobile wirelesscommunications instrument and of the point-of-sale device with thepayment application includes: confirming the location data; andconfirming the payment sum.
 39. A method of authenticating andauthorizing a financial transaction across mobile wirelesscommunications system as recited in claim 38, wherein the approving thepayment application includes: transmitting an instruction from themobile wireless communications instrument to the point-of-sale device;and the vendor accepting the combination of the location data and thepayment sum to authenticate and authorize the financial transaction. 40.A storage medium containing computer software encoded inmachine-readable format for authenticating and authorizing a financialtransaction, the computer software comprising: at least one instructionfor automatically authenticating a payment application based on locationdata; at least one instruction for automatically authorizing a paymentapplication based on location data; at least one instruction forautomatically matching the location data and a payment sum; at least oneinstruction for establishing a communications link between a mobilewireless communications instrument and a point-of-sale device; and atleast one instruction for repeating computer instructions.
 41. A storagemedium containing computer software encoded in machine-readable formatfor authenticating and authorizing a financial transaction as recited inclaim 40, wherein the location data includes the location of mobilewireless communications instrument.
 42. A storage medium containingcomputer software encoded in machine-readable format for authenticatingand authorizing a financial transaction as recited in claim 40, whereinthe location data includes the location of a vendor.
 43. A storagemedium containing computer software encoded in machine-readable formatfor authenticating and authorizing a financial transaction as recited inclaim 40, wherein the location data includes the location of a vendor'spoint-of-sale device.